Hi Rob. This is an unfortunate situation caused by a combination of the way node global installs work on windows by default, windows per-user paths and a couple of other things I will touch on later.
First, some useful command line tips
- Determine the install path for “global” installs:
npm root -g ↵
- Viewing the current users path:
- Viewing the current user
set | find "USERNAME"
Global install is global to a user (not the OS) by default
If you run the command to determine the “global” install path for your admin user and for your normal user, you will see they are 2 different locations.
To simplify that statement, NPM Global Instals are “Global to the user” not “Global to the OS” (by default).
With that in mind, you can determine that installing the device agent globally as the admin means a standard user cannot access it.
Next, there is the issue of path. I have found over the years (and never really nailed it down) that the path env var of node-js can be missing from the standard user. I suppose I could run a bunch of tests to find the right / wrong way to achieve this but in essance, the user attempting to run
flowfuse-device-agent must either have the right path settings OR use the FULL path when launching the
By default, on windows,
npm -g installs to
%USERPROFILE%\AppData\Roaming\npm and that is where the batch file to start up
flowfuse-device-agent gets written. If
%USERPROFILE%\AppData\Roaming\npm is NOT in the users path, then it will shout out what you witnessed “‘flowfuse-device-agent’ is not recognized as an internal or external command”
- Change NPM global install path to a central location so that it is truly “global”
- This is the method best suited to server like devices (those not intended to be used by multiple different users for general purpose tasks)
- PRO: For machines administered by an IT dept, this can work well. Global installs are restricted the path configured (typically somewhere protected like
c:\ProgramData\npm\..., then a restricted user account is used to run the application
- PRO: NodeJS Applications on the machine can easily and safely be Ran as a service
- CON: Regular users are highly restricted
- Permit the user to perform
npm -g installations
- On an OOB windows installation, this is the default (IIRC)
- PRO: User can install and run global packages from the command line. This is not as “scary” as it sounds since the restricted user can only do what they are permitted to do by way of their account settings and restrictions.
- PRO: Different users can have their own “globally” installed versions of nodejs applications
- CON: It is not so straight forward for applications to be “ran as a service” (can be done with Local Policy or domain account policy).
My Notes and Musings
Since the device agent is typically used as a long running application/service, it is more suited to a “server” setup (be that a VM, an edge device, RPi etc). It doesn’t necessarily mean it should be “Windows Server” just that it is more suited to device that is not intended to be a multi-purpose, multi-user computer in your average office.
If however, a typical user on a typical multi-user, general purpose office PC wishes to use/test the device agent, then that too is fine (bearing above restrictions in mind).
Assuming server like (edge?) device
Where an admin sets up the computer and typically runs the agent as a service, and has a user group for “support” users, this would be my recommendation.
As an admin
- Remove/revert any npm path changes
- Create a restricted account (the account that will run the agent) and update Local Security Policy to permit the account to “Run a service”
- Re-install latest node LTS (16 is currently the recommended version for device agent, but 18 is a better choice IMO)
- Be sure to tick the box to include Tools for Native Modules when prompted
- Create a service account (the account that will run the agent)
c:\opt\flowfuse-device directory and ensure the service-account has read + write access to it
As the service account
TIP: You can fire up a
cmd from the logged in admin account to save logging off. From a command prompt, enter
runas /user:agent-service cmd
agent-service is the name of the service account created above)
- Perform the install as per the agent docs
npm install -g @flowfuse/device-agent
- get the
npm path for this user by running
npm root -g ↵
- check the users path - the
npm path should be present. If not, run
rundll32 sysdm.cpl,EditEnvironmentVariables and add it
As an admin
- Set up a service runner to run the agent.
- There are many options however I would recommend
nssm as you can set it up to redirect the
stderr to file for later interrogation (it has log rotation too) (without this, the admins/support guys will have no logs since they will disappear into the ether!)
- Remember to set the service to log on as your service account.
NOTE: I have not tested all of this (most of it is from memory from a few years back), but I hope there are enough pointers to get you moving in the right direction. Please do feedback your findings and feel free to ask questions - I will try to help you get up and running.